Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dir-823g firmware vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-15529
An issue exists on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Username field to Login.
Dlink Dir-823g Firmware 1.0.2b05
9
CVSSv2
CVE-2019-15530
An issue exists on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the LoginPassword field to Login.
Dlink Dir-823g Firmware 1.0.2b05
9
CVSSv2
CVE-2019-13128
An issue exists on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings.
Dlink Dir-823g Firmware 1.02b03
5
CVSSv2
CVE-2019-8392
An issue exists on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote malicious users to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead.
Dlink Dir-823g Firmware 1.02b03
5
CVSSv2
CVE-2019-7388
An issue exists in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote malicious users to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an at...
Dlink Dir-823g Firmware 1.02b03
7.8
CVSSv2
CVE-2019-7389
An issue exists in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote malicious users to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a denial-of...
Dlink Dir-823g Firmware 1.02b03
5
CVSSv2
CVE-2019-7390
An issue exists in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote malicious users to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API.
Dlink Dir-823g Firmware 1.02b03
9.3
CVSSv2
CVE-2019-7298
An issue exists on D-Link DIR-823G devices with firmware up to and including 1.02B03. A command Injection vulnerability allows malicious users to execute arbitrary OS commands via a crafted /HNAP1 request. This occurs when any HNAP API function triggers a call to the system funct...
Dlink Dir-823g Firmware
10
CVSSv2
CVE-2019-7297
An issue exists on D-Link DIR-823G devices with firmware up to and including 1.02B03. A command Injection vulnerability allows malicious users to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult fu...
D-link Dir-823g Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2